cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
1
Upvote

Group Sync via Azure OIDC SCIM Connection

Ben298571795akb
New Here ,
May 12, 2023 May 12, 2023

Hello! I have recently been tasked with migrating off of the onprem python job of syncing users from active directory to the adobe identity management tool. When reveiewing all of the documentation for SCIM provisioning for Adobe, there is no documentation about group management via SCIM. When trying to test user sync between Azure and Adobe, I noticed that the user account will get recreated and no groups will be added to the user, so all products and groups information gets deleted. Are there detailed instructions somewhere on how to adjust the SCIM user and or group mappings to send this group and product zone to adobe so that information is synced correctly? Or are there ways to manually map the group name to what currently exists in Adobe as they are different and synced via this python job?

TOPICS
Identity and SSO
1.8K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Ashish_Harrison Adobe Employee
Adobe Employee , May 16, 2023 May 16, 2023

Hi @Ben298571795akb you need to turn off UST/UMAPI and switch to Azure SCIM. 
If you find this answer incorrect could you please provide the information you found?

Thanks!

Translate
replies 3 Replies 3
latest latest Jump to latest reply
Ashish_Harrison Adobe Employee
Adobe Employee ,
May 15, 2023 May 15, 2023

Hi @Ben298571795akb you can sync user groups and nested groups from Azure to Adobe Admin Console; you need a Premium (P1 or P2) or Microsoft 365 (E3 or A3) subscription.

As Azure takes time, I recommend you try with 1 user group for testing.

Synced user group names cannot be changed as Azure manages them.

 

For more, you can refer to the help documents:

https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/adobe-identity-management-provisi...

 

https://helpx.adobe.com/in/enterprise/using/add-azure-sync.ug.html#notes-before-sync

 

 

Regards,
Ashish Harrison
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Ben298571795akb
New Here ,
May 16, 2023 May 16, 2023
In Response To Ashish_Harrison

For clarity, this answer is not the "correct" answer. What Adobe needs, is specific and more flushed out documentation on the migration from the UST that exists on prem, to the Azure Sync SCIM method, highlighting the areas where you need to know what to switch in each tool. I was able to find the information I needed, but after hours of searching and trial and error.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Ashish_Harrison Adobe Employee
Adobe Employee ,
May 16, 2023 May 16, 2023
LATEST
In Response To Ben298571795akb

Hi @Ben298571795akb you need to turn off UST/UMAPI and switch to Azure SCIM. 
If you find this answer incorrect could you please provide the information you found?

Thanks!

Regards,
Ashish Harrison
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
In Case You Missed It...
Enterprise and teams | Updates and releases | ICYMI...
Open in a new window
User Guides
Administration User Guide
Open in a new window
Shared Device Licensing | Deployment guide
Open in a new window
Named User Licensing Migration Guide
Open in a new window
Important Information
Community Guidelines
Open in a new window
Admin Console Status
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices